Closed
Bug 860925
Opened 12 years ago
Closed 10 years ago
Potential memory leaks on managing certificate using dupcert and CERT_AddCertToListTail
Categories
(Core :: Security: PSM, defect)
Tracking
()
RESOLVED
WORKSFORME
People
(Reporter: cviecco, Unassigned)
References
Details
There are two places within nsIdentityChecking.cpp
where the idiom:
CERT_AddCertToListTail(certList, CERT_DupCertificate($SOMECERT));
is used.
This is problematic as there is no garantee that CERT_DupCertificate will actually succeed, further if the CERT_AddCertToListTail call fails there is no way do delete the temporary cert.
Comment 1•12 years ago
|
||
(In reply to Camilo Viecco (:cviecco) from comment #0)
> This is problematic as there is no garantee that CERT_DupCertificate will
> actually succeed
You can rely on CERT_DupCertificate to always succeed. I have verified this before with the NSS team.
> further if the CERT_AddCertToListTail call fails there is
> no way do delete the temporary cert.
Yes, this is a problem.
Comment 2•10 years ago
|
||
It doesn't look like this pattern exists anywhere within PSM anymore.
AFAICT Bug 975229 removed most, if not all instances of this pattern:
https://hg.mozilla.org/mozilla-central/diff/b3ebf7675c7b/security/certverifier/ExtendedValidation.cpp etc
You need to log in
before you can comment on or make changes to this bug.
Description
•